cs 356: computer network architectures lecture 10: ip … · 2018-02-15 · cs 356: computer...
TRANSCRIPT
CS 356: Computer Network Architectures
Lecture 10: IP Fragmentation, ARP, and ICMP
Xiaowei [email protected]
Overview
• Homework – 2-dimension parity
• IP fragmentation• ARP• ICMP
Fragmentation and Reassembly
(not required for Lab 2)
Different networks have different Maximum Transmission Units (MTUs)
Packets may traverse multiple links
IP Fragmentation and Reassembly
FDDIRing
RouterHost A Host B
Ethernet
MTUs: FDDI: 4352 Ethernet: 1500
• Fragmentation: • IP router splits the datagram into several datagrams
• What if the size of an IP datagram exceeds the MTU?IP datagram is fragmented into smaller units.
• What if the route contains networks with different MTUs?
Design question: Where is Fragmentation/reassembly done?
• Fragmentation can be done at the sender or at intermediate routers
• The same datagram can be fragmented several times.
• Reassembly of original datagram is only done at destination hosts !! (why?)
Router
IP datagram H Fragment 1 H1Fragment 2 H2
8
What�s involved in Fragmentation?• The following fields in the IP header are involved:
• Identification – When a datagram is fragmented, the identification is the same in all fragments– Used to reassemble the original packet
• Flags– DF bit is set: datagram cannot be fragmented and must be discarded if MTU is too
small• ICMP sent
– MF bit: • 1: this is not the last fragment• 0: last fragment
ECNversion headerlength DS total length (in bytes)
Identification Fragment offset
time-to-live (TTL) protocol header checksum
0 MF
DF
What�s involved in Fragmentation?• The following fields in the IP header are involved:
•Fragment offset• Offset of the payload of the current fragment in the original datagram in units of 8 bytes
• Why?• Because the field is only 13 bits long, while the total length is 16 bits.
• Total length• Total length of the current fragment
ECNversion headerlength DS total length (in bytes)
Identification Fragment offset (13-bit)
time-to-live (TTL) protocol header checksum
0 MF
DF
10
Example of Fragmentation• A datagram with size 2400 bytes must be fragmented according to an MTU
limit of 1000 bytes
IP datagram
Router
Fragment 2Fragment 3
MTU: 1000MTU: 4000
Fragment 1
Header length: 20Total length: 2400
Identification: 0xa428DF flag: 0MF flag: 0
Fragment offset: 0
Header length: 20Total length: 996
Identification: 0xa428DF flag: 0MF flag: 1
fragment offset: 0
Header length: 20Total length: 996
Identification: 0xa428DF flag: 0MF flag: 1
Fragment offset: 122
Header length: 20Total length: 448
Identification: 0xa428DF flag: 0MF flag: 0
Fragment offset: 244
11
Determining the length of fragments
• Maximum payload length = 1000 – 20 = 980 bytes• Offset specifies the bytes in multiple of 8 bytes. So the payload must be a multiple
of 8 bytes.• 980 - 980 % 8 = 976 (the largest number that is less than 980 and divisible by 8)• The payload for the first fragment is 976 and has bytes 0 ~ 975 of the original IP
datagram. The offset is 0.• The payload for the second fragment is 976 and has bytes 976 ~ 1951 of the
original IP datagram. The offset is 976 / 8 = 122. • The pay load of the last fragment is 2400 – 976 * 2 = 428 bytes and has bytes
1952 ~ 2400 of the original IP datagram. The offset is 244.• Total length of three fragments: 996 + 996 + 448 = 2440 > 2400
– Why?– Two additional IP headers.
Path MTU discovery• Fragmentation slows down the router• à should be done by end hosts
• How does a sender know the MTU of a path? – A host only knows the MTU of its links
• Solution– send large packets with DF set– If receive ICMP Fragmentation needed messages, reduce
maximum segment size
Overview
• Homework – 2-dimension parity
• IP fragmentation• ARP• ICMP
=
Longest prefix match• Longest Prefix Match: Search for the
forwarding table entry that has the longest match with the prefix of the destination IP address
1. Search for a match on all 32 bits2. Search for a match for 31 bits
…..32. Search for a match on 0 bits
Host route, loopback entry à 32-bit prefix match
Default route is represented as 0.0.0.0/0 à 0-bit prefix match
128.143.71.21
The longest prefix match for 128.143.71.21 is for 24 bits with entry 128.143.71.0/24
Datagram will be sent to R4
Destination addressNext hop
10.0.0.0/8128.143.0.0/16128.143.64.0/20128.143.192.0/20128.143.71.0/24128.143.71.55/320.0.0.0/0 (default)
eth0R2R3R3R4R3R5
How to find out a host�s Ethernet address after knowing its IP address?
à Address Resolution Protocol
ARP and RARP• Note:
– The Internet is based on IP addresses – Data link protocols (Ethernet, FDDI, ATM) may have different (MAC)
addresses• The ARP and RARP protocols perform the translation between
IP addresses and MAC layer addresses• We will discuss ARP for broadcast LANs, particularly
Ethernet LANs– RFC 826
• RARP obsolete
RARP
Ethernet MACaddress(48 bit)
ARPIP address(32 bit)
Address Translation with ARPARP Request:
Argon broadcasts an ARP request to all stations on the network: �What is the hardware address of 128.143.137.1?�
Argon128.143.137.14400:a0:24:71:e4:44
Router137128.143.137.1
00:e0:f9:23:a8:20
ARP Request:What is the MAC addressof 128.143.71.1?
ARP request:What’s the MAC address of 128.143.137.1
Address Translation with ARPARP Reply:
Router 137 responds with an ARP Reply which contains the hardware address
Argon128.143.137.14400:a0:24:71:e4:44
Router137128.143.137.1
00:e0:f9:23:a8:20
ARP Reply:The MAC address of 128.143.71.1is 00:e0:f9:23:a8:20
ARP Reply:The MAC address of 128.143.137.1 is
00:e0:f9:23:a8:20
Hardware type (2 bytes)
Hardware addresslength (1 byte)
Protocol addresslength (1 byte) Operation code (2 bytes)
Target hardware address*
Protocol type (2 bytes)
Source hardware address*
Source protocol address*
Target protocol address*
* Note: The length of the address fields is determined by the corresponding address length fields
ARP Packet Format
Destinationaddress
6
ARP Request or ARP Reply
28
Sourceaddress
6 2
CRC
4
Type0x8060 Padding
10
Ethernet II header
• Hardware type: ether (1)• Prototype: taken from the set ether_type– IP: 0x0800
• Opcode– ARP request: 1– ARP reply: 2
• Check RFC for implementation details
• ARP Request from Argon is broadcasted:– Source addr in Ethernet header: 00:a0:24:71:e4:44– Destination addr in Ethernet header: FF:FF:FF:FF:FF:FF
Source hardware address: 00:a0:24:71:e4:44Source protocol address: 128.143.137.144Target hardware address: 00:00:00:00:00:00Target protocol address: 128.143.137.1
• ARP Reply from Router137 is unicasted:– Source addr: 00:e0:f9:23:a8:20 – Dst addr: 00:a0:24:71:e4:44
Source hardware address: 00:e0:f9:23:a8:20 Source protocol address: 128.143.137.1 Target hardware address: 00:a0:24:71:e4:44Target protocol address: 128.143.137.144
Example
ARP Cache• Since sending an ARP request/reply for each IP datagram is
inefficient, hosts maintain a cache (ARP Cache) of current entries. The entries expire after a time interval.
• Contents of the ARP Cache:(128.143.71.37) at 00:10:4B:C5:D1:15 [ether] on eth0(128.143.71.36) at 00:B0:D0:E1:17:D5 [ether] on eth0(128.143.71.35) at 00:B0:D0:DE:70:E6 [ether] on eth0(128.143.136.90) at 00:05:3C:06:27:35 [ether] on eth1(128.143.71.34) at 00:B0:D0:E1:17:DB [ether] on eth0(128.143.71.33) at 00:B0:D0:E1:17:DF [ether] on eth0
Putting it together
IP Forwarding Implementation Logistics
loopback Driver
IP Input
Put on IP input queue
ARP demultiplexEthernet Frame
Ethernet
IP destination of packet = local IP address ?
IP destination = multicast or broadcast ?
IP Output
Put on IP input queue
No: get MAC address with ARP
ARPPacket
IP datagram
No
Yes
Yes Ethernet Driver
Lab2 input
Next slide
UDP TCP
Input queue
Lookup next hop
Routing Protocol
Destination address local?
Static routing
Yes
Send datagram
IP forwarding enabled?
No
Discard
Yes No
Demultiplex
routingtable
IP module
Data Link Layer
ICMP
IP Forwarding Logistics (Lab 2)1. Sanity-check
• Meets minimum length and has correct checksum
2. Update header• Decrement the TTL by 1, and compute the packet checksum over the modified
header.
3. Next hop IP lookup• Find out which entry in the routing table has the longest prefix match with the
destination IP address.
4. Next hop MAC lookup• Check the ARP cache for the next-hop MAC address corresponding to the next-hop
IP. If it's there, send it. Otherwise, send an ARP request for the next-hop IP (if one hasn't been sent within the last second), and add the packet to the queue of packets waiting on this ARP request.
5. Error reporting
Error reporting
• Internet Control Message Protocol (ICMP)– Ill-formatted packets– TTL == 0– ARP receives no reply– No protocol or application running at the destination– No routing table match–…
28
• The IP (Internet Protocol) relies on several other protocols to perform necessary control and routing functions:
• Control functions (ICMP)• Multicast signaling (IGMP)• Setting up forwarding tables (RIP, OSPF, BGP, PIM, …)
Control
Routing
ICMP IGMP
RIP OSPF BGP PIM
Location in the protocol stack
29
Overview• The Internet Control Message Protocol (ICMP) is
a helper protocol that supports IP with facility for – Error reporting– Simple queries– ICMP messages are encapsulated as IP datagrams:
IP header ICMP message
IP payload
30
ICMP message format
additional informationor
0x00000000
type code checksum
bit # 0 15 23 248 317 16
4 byte header:• Type (1 byte): type of ICMP message• Code (1 byte): subtype of ICMP message• Checksum (2 bytes): similar to IP header checksum. Checksum is
calculated over the entire ICMP messageIf there is no additional data, there are 4 bytes set to zero.
à each ICMP message is at least 8 bytes long
ICMP Query message
ICMP query: • Request sent by host to a router or host• Reply sent back to querying host
32
Example of ICMP QueriesType/Code: Description
8/0 Echo Request0/0 Echo Reply
13/0 Timestamp Request14/0 Timestamp Reply
Extension (RFC 1256):
10/0 Router Solicitation9/0 Router Advertisement
The ping command uses Echo Request/Echo Reply
33
ICMP Error message
• ICMP error messages report error conditions • Typically sent when a datagram is discarded• Error message is often passed from ICMP to the
application program
ICMP Error message
• ICMP error messages include the complete IP header and the first 8 bytes of the payload (typically: UDP, TCP)
Unused (0x00000000)
IP header ICMP header IP header 8 bytes of payload
ICMP Message
from IP datagram that triggered the error
type code checksum
35
Example: ICMP Port Unreachable• RFC 792: If, in the destination host, the IP module cannot
deliver the datagram because the indicated protocol module or process port is not active, the destination host may send a destination unreachable message to the source host.• Scenario:
Client
Request a serviceat a port 80
Server
No process is waiting at port 80
Port
Unreacha
ble
36
Common ICMP Error messagesType Code Description
3 0–5 Destination unreachable
Notification that an IP datagram could not be forwarded and was dropped. The code field contains an explanation. (traceroute)
5 0–3 Redirect Informs about an alternative route for the datagram and should result in a routing table update. The code field explains the reason for the route change.
11 0, 1 Time exceeded
Sent when the TTL field has reached zero (Code 0) or when there is a timeout for the reassembly of segments (Code 1) (traceroute)
12 0, 1 Parameterproblem
Sent when the IP header is invalid (Code 0) or when an IP header option is missing (Code 1)
37
Some subtypes of the �Destination Unreachable�
Code Description Reason for Sending
0 Network Unreachable
No routing table entry is available for the destination network.
1 Host Unreachable
Destination host should be directly reachable, but does not respond to ARP Requests.
2 Protocol Unreachable
The protocol in the protocol field of the IP header is not supported at the destination.
3 Port Unreachable
The transport protocol at the destination host cannot pass the datagram to an application.
4 Fragmentation Needed and DF Bit Set
IP datagram must be fragmented, but the DF bit in the IP header is set. (MTU discovery)
5 Source route failed
The source routing option has failed.
ICMP applications
• Ping
• Traceroute
• MTU discovery
39
Ping: Echo Request and Reply
• Ping�s are handled directly by the kernel• Each Ping is translated into an ICMP Echo Request• The Ping�ed host responds with an ICMP Echo Reply
Hostor
Router
ICMP ECHO REQUESTHost or
router
ICMP ECH
O REPLY
Type(= 8 or 0)
Code(=0) Checksum
32-bit sender timestamp
identifier sequence number
Optional data
Traceroute• xwy@linux20$ traceroute -n 18.26.0.1– traceroute to 18.26.0.1 (18.26.0.1), 30 hops max, 60 byte
packets– 1 152.3.141.250 4.968 ms 4.990 ms 5.058 ms– 2 152.3.234.195 1.479 ms 1.549 ms 1.615 ms– 3 152.3.234.196 1.157 ms 1.171 ms 1.238 ms– 4 128.109.70.13 1.905 ms 1.885 ms 1.943 ms– 5 128.109.70.138 4.011 ms 3.993 ms 4.045 ms– 6 128.109.70.102 10.551 ms 10.118 ms 10.079 ms– 7 18.3.3.1 28.715 ms 28.691 ms 28.619 ms– 8 18.168.0.23 27.945 ms 28.028 ms 28.080 ms– 9 18.4.7.65 28.037 ms 27.969 ms 27.966 ms– 10 128.30.0.246 27.941 ms * *
Traceroute algorithm• Sends out three UDP packets with
TTL=1,2,…,n, destined to a high port
• Routers on the path send ICMP Time exceeded message with their IP addresses until n reaches the destination distance
• Destination replies with port unreachable ICMP messages
Summary
• Homework – 2-dimension parity
• IP fragmentation• ARP• ICMP